Attention: Your browser doesn't support javascript or you have deactivated Javascript in your browser. Please enable Javascript in your browser in order to be able to use all functions of this website.

NA 043

DIN Standards Committee Information Technology and IT Applications

About NIA Projects Drafts Publications Documents withdrawn without replacement National committees European committees International committees

Technical Specification [CURRENT]

DIN CEN/TS 419221-2 ; DIN SPEC 16572-2:2016-10
Protection Profiles for TSP cryptographic modules - Part 2: Cryptographic module for CSP signing operations with backup; English version CEN/TS 419221-2:2016

Title (German)

Schutzprofile für kryptographische Module von vertrauenswürdigen Dienstanbietern - Teil 2: Schutzprofil für CSP Signieroperationen mit Sicherung; Englische Fassung CEN/TS 419221-2:2016

Procedure

Overview

This Protection Profile (PP) defines the security requirements of a Cryptographic Module (CM) used by CSP as part of its trustworthy system to provide signing services, such as Certificate Generation Service or Certificate Status Information Signing Services. The Cryptographic Module, which is the Target of Evaluation (TOE), is used for the creation of CSP key pairs, and their usage for the creation and verification of advanced electronic signatures in qualified certificates or certificate status information. The private keys are referred to in this PP as Certification Service Provider Signature-Creation Data (CSP-SCD). The public keys are referred as Certification Service Provider Signature-Verification Data (CSP-SVD). The TOE may implement additional functions and security requirements, e.g. for the creation of Signature Creation Data (SCD) for loading into Secure Signature Creation Devices (SSCD) as part of a Subscriber Device Provision Service. However, these additional functions and security requirements are not subject of this Protection Profile. This PP is Common Criteria Part 2 extended and Common Criteria Part 3 conformant. The assurance level for this PP is EAL4, augmented with ADV IMP.2 (implementation of TSF), AVA CCA.1 (vulnerability assessment, covert channel analysis), and AVA VLA.4 (vulnerability assessment, extremely resilient). The minimum strength level for the TOE security functions is "SOF-high" (high strength of functions).